Calendar An icon of a desk calendar. Cancel An icon of a circle with a diagonal line across. Caret An icon of a block arrow pointing to the right. Email An icon of a paper envelope. Facebook An icon of the Facebook "f" mark. Google An icon of the Google "G" mark. Linked In An icon of the Linked In "in" mark. Logout An icon representing logout. Profile An icon that resembles human head and shoulders. Telephone An icon of a traditional telephone receiver. Tick An icon of a tick mark. Is Public An icon of a human eye and eyelashes. Is Not Public An icon of a human eye and eyelashes with a diagonal line through it. Pause Icon A two-lined pause icon for stopping interactions. Quote Mark A opening quote mark. Quote Mark A closing quote mark. Arrow An icon of an arrow. Folder An icon of a paper folder. Breaking An icon of an exclamation mark on a circular background. Camera An icon of a digital camera. Caret An icon of a caret arrow. Clock An icon of a clock face. Close An icon of the an X shape. Close Icon An icon used to represent where to interact to collapse or dismiss a component Comment An icon of a speech bubble. Comments An icon of a speech bubble, denoting user comments. Comments An icon of a speech bubble, denoting user comments. Ellipsis An icon of 3 horizontal dots. Envelope An icon of a paper envelope. Facebook An icon of a facebook f logo. Camera An icon of a digital camera. Home An icon of a house. Instagram An icon of the Instagram logo. LinkedIn An icon of the LinkedIn logo. Magnifying Glass An icon of a magnifying glass. Search Icon A magnifying glass icon that is used to represent the function of searching. Menu An icon of 3 horizontal lines. Hamburger Menu Icon An icon used to represent a collapsed menu. Next An icon of an arrow pointing to the right. Notice An explanation mark centred inside a circle. Previous An icon of an arrow pointing to the left. Rating An icon of a star. Tag An icon of a tag. Twitter An icon of the Twitter logo. Video Camera An icon of a video camera shape. Speech Bubble Icon A icon displaying a speech bubble WhatsApp An icon of the WhatsApp logo. Information An icon of an information logo. Plus A mathematical 'plus' symbol. Duration An icon indicating Time. Success Tick An icon of a green tick. Success Tick Timeout An icon of a greyed out success tick. Loading Spinner An icon of a loading spinner. Facebook Messenger An icon of the facebook messenger app logo. Facebook An icon of a facebook f logo. Facebook Messenger An icon of the Twitter app logo. LinkedIn An icon of the LinkedIn logo. WhatsApp Messenger An icon of the Whatsapp messenger app logo. Email An icon of an mail envelope. Copy link A decentered black square over a white square.

Securi-Tay conference gets into the minds of the cyber criminals

Colin McLean, lecturer in ethical hacking at Abertay.
Colin McLean, lecturer in ethical hacking at Abertay.

Delegates are in Dundee today for Scotland’s largest cyber-security conference, hosted by Abertay University. Jennifer McLaren learns more about ‘ethical’ hacking’.

Many of us will spend a lot of time on the internet, whether it be browsing, buying, banking or communicating. A question we should always ask ourselves but perhaps rarely do is: how safe is our information?

While it’s important to be security conscious on a personal level, the organisations storing our details also have a duty to keep sensitive data safe which means keeping hackers out.

The term “hacking” is generally perceived to be a negative one from its context to violently chop or cut or to commit a foul in sport.

In computing terms, however, to hack means to skilfully manipulate a computer program. The only problem is most of the time the reason for doing this is to gain unauthorised access to another system.

So, by its very nature, ethical hacking is the reverse of this. Yes, ethical hackers must know how to gain unauthorised access to computer systems but only so they can put measures in place to prevent someone else doing the same, with the intention to harm.

From its humble beginnings three years ago, the Securi-Tay conference at Abertay University has come a long way.

Organised by a team of ethical hacking students, it will today bring together more than 100 delegates from education, industry and law enforcement to focus on issues surrounding cyber security.

There will be a series of talks and discussions by industry leaders, academics and students from Abertay’s ethical hacking degree courses, who have an opportunity to present their research.

The event has gained sponsorship and support from major internet security companies including NCC Group, Cigital and MWR InfoSec.

The university’s ethical hacking degree course was launched in 2006 by programme tutor Colin McLean and is the first of its kind in the UK. Since then it has built up a fine reputation for providing graduates with the attributes required by the leading security companies in the UK.

Colin explains: “Employability prospects for our students are huge. Currently, we can’t produce enough graduates for the jobs that are out there.”

Up until now, the majority of employers have come from south of the border but Colin says Scottish businesses are now starting to wake up to the need for security experts.

According to figures released by the Scottish Business Resilience Centre, the cost of computer crime in Scotland is estimated at £5 billion each year that is £160 every second.

“Because security is such a specialist topic for the department, it is now being introduced to other courses including web developing and computer games developers,” continues Colin.

“People are going to try to think of unique and novel ways to steal and so we have to try to imagine these or, if we spot them, try to do something about them.

“People think it’s quite strange, but actually it is natural because I don’t think you can secure anything without thinking like a criminal.”

Gavin Holt is a 4th year student at Abertay studying a BSc in ethical hacking and one of the people involved in running the conference. He says the event has more than doubled in size since it began in 2012.

The keynote speaker is Ollie Whitehouse from NCC, one of the largest internet security companies in Europe, who will be discussing physical security: “Hackers walking straight into companies and plugging into PCs,” Gavin explains.

“There are also talks about global internet security, personal security and even social engineering the concept that a hacker could spend all day trying to break a password, but if they called a person up and said they were from a helpdesk then they might get it over the phone.”

Gavin got into ethical hacking because he is passionate about writing computer code.

“I have always been fascinated with computers and how they work and all that ethical hacking is is understanding in very great detail how computers work.”

He says there are different kinds of hackers: “You’ve got people hacking for profit probably the biggest market.

“There are hackers in Eastern Europe who are running hundreds of thousands of computers, stealing passwords and buying details.

“The second type is those who do it for credit and reputation, so they can say, ‘I did this’, and your third type is political activists the group Anonymous, for example who do what they do to effect change.”

For example, on July 4, 2011, Fox News fell victim to hacking when its politics Twitter feed announced that President Barack Obama had been shot dead.

Meanwhile, on April 23 last year the Associated Press had its Twitter account compromised by ‘hacktivists’ when a post appeared stating Obama had been injured in an explosion at the White House. The announcement sent the US stock market into turmoil.

As a marketplace, cyber security and information security is growing at pace, and rarely a month passes without news a company has been hacked.

Gavin says: “For example, on New Year’s Day 4.6 million people’s details were stolen from Snapchat and the interesting thing about that is they were told in September 2013 by a set of researchers that they were vulnerable and they ignored it.

“In the last four years the biggest shift hasn’t been what attackers are doing but what there is to attack. As more and more things go on line, the more people are becoming vulnerable.”